package org.gongziqi.controller;

import java.awt.image.BufferedImage;
import java.io.IOException;
import java.util.List;

import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.subject.Subject;
import org.gongziqi.shiro.ShiroUtils;
import org.gongziqi.utils.R;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import org.apache.log4j.Logger;
import com.google.code.kaptcha.Constants;
import com.google.code.kaptcha.Producer;


/**
 * 
 * @author:	lulx
 * @emial:	gongziqi228@foxmail.com
 * @Description:TODO
 * @time:2017年4月29日 上午8:36:20
 */
@Controller
@RequestMapping("login")
public class SysLoginController {
	
	private static Logger log = Logger.getLogger(SysLoginController.class);
	
	@Autowired
	private Producer producer;	//验证码的 bean
	
	
	@RequestMapping("toindex")
	public String toindex(ModelMap model){
//		/gongziqi/src/main/webapp/jsp/page/index.jsp
		return "page/index";
	}

	/**
	 * 	刷新还是刚进到登录页面 会请求该路径
	 * @param response
	 * @throws ServletException
	 * @throws IOException
	 */
	@RequestMapping("Kaptcha.jpg")
	public void captcha(HttpServletResponse response)throws ServletException, IOException {
		 response.setHeader("Cache-Control", "no-store, no-cache");
	     response.setContentType("image/jpeg");
	     
	     //生成文字验证码
	     String text = producer.createText();
	     //生成图片验证码
	     BufferedImage img = producer.createImage(text);
	     //保存到shiro session
	     ShiroUtils.setSessionAttribute(Constants.KAPTCHA_SESSION_KEY, text);
	     ServletOutputStream  output = response.getOutputStream();
	     ImageIO.write(img, "jpg", output);
	     
		 
	}
	
	/**
	 * 登录
	 * @throws Exception 
	 */
	
	@RequestMapping("tologin")
	@ResponseBody
	public R tologin(@RequestParam("username") String username,
			@RequestParam("password") String password,@RequestParam("captcha") String captcha)throws Exception {
//		String username = request.getParameter("username");
//		String password = request.getParameter("password");
//		String captcha = request.getParameter("captcha");
		
	
		
		String kaptcha = ShiroUtils.getKaptcha(Constants.KAPTCHA_SESSION_KEY);
		if(!captcha.equalsIgnoreCase(kaptcha)){
			return R.error("验证码不正确");
		}
		
		try{
			Subject subject = ShiroUtils.getSubject();
			//sha256加密
			password = new Sha256Hash(password).toHex();
			UsernamePasswordToken token = new UsernamePasswordToken(username, password);
			subject.login(token);
		}catch (UnknownAccountException e) {
			return R.error(e.getMessage());
		}catch (IncorrectCredentialsException e) {
			return R.error(e.getMessage());
		}catch (LockedAccountException e) {
			return R.error(e.getMessage());
		}catch (AuthenticationException e) {
			System.out.println("kanka" + e.getMessage());
			return R.error("账户验证失败");
		} 
	    
		return R.ok();
		
	}
}
